<%@page import="java.sql.DriverManager"%>
<%@page import="Configurations.OTSFile"%>
<%@page import="Configurations.AYFile"%>
<%@page import="java.util.ArrayList"%>
<%@page import="Configurations.MySQL"%>
<%@page import="java.sql.PreparedStatement"%>
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.Connection"%>

<%
    // Retrieve information submitted by user
    String rating = request.getParameter("rating");
    String comments = request.getParameter("comments");
    String username = (String) session.getAttribute("username");
    String appEmail = request.getParameter("appEmail");
    System.out.println("Application Email: " + appEmail);
    System.out.println("Username: " + username);
    System.out.println("Rating: " + rating);
    System.out.println("Comments: " + comments);
    // Did user enter a valid rating? (Must be numerical)
    boolean valid = true;
    try {
        double temp = Double.parseDouble(rating);
    } catch (Exception e) {
        valid = false;
    }

    if (valid) {
        Connection con = null;
        ResultSet rs = null;
        PreparedStatement ps = null;
        Class.forName(MySQL.DB_DRIVER);
        con = DriverManager.getConnection(MySQL.DB_URL, MySQL.DB_USER, MySQL.DB_PASS);
        String sql = "INSERT INTO " + MySQL.DB_REVS + " ("
                + MySQL.DB_REVS_APP_EMAIL + ","
                + MySQL.DB_REVS_REV_USER + ","
                + MySQL.DB_REVS_RATING + ","
                + MySQL.DB_REVS_COMMENTS + ") VALUES (?,?,?,?)";
        ps = con.prepareStatement(sql);
        ps.setString(1, appEmail);
        ps.setString(2, username);
        ps.setString(3, rating);
        ps.setString(4, comments);
        System.out.println(ps.toString());
        ps.execute();
        
        // Remove application from assigned list
        sql = "SELECT * FROM " + MySQL.DB_LOGIN + " WHERE " + MySQL.DB_LOGIN_USERNAME + "=?";
        ps = con.prepareStatement(sql);
        ps.setString(1, username);
        System.out.println(ps.toString());
        rs = ps.executeQuery();
        rs.next();
        String assigned = rs.getString(MySQL.DB_LOGIN_ASSIGNED);
        assigned = assigned.replaceFirst(appEmail, "");
        sql = "UPDATE " + MySQL.DB_LOGIN + " SET " + MySQL.DB_LOGIN_ASSIGNED + "=?" + " WHERE " + MySQL.DB_LOGIN_USERNAME + "=?";
        ps = con.prepareStatement(sql);
        ps.setString(1, assigned);
        ps.setString(2, username);
        System.out.println(ps.toString());
        ps.execute();  

        // Tell other parts of the system that the review was saved
        session.setAttribute("saveReview", "saved");
        System.out.println("Review is saved");

        con.close();
        ps.close();
        rs.close();
    } else {
        session.setAttribute("saveReview", "badRating");
    }
    // Redirect if this page is being displayed by itself
    // Redirect back to index.jsp when changes are saved is complete
    if (request.getServletPath().equals("/saveReview.jsp")) {
        response.sendRedirect("");
    }
%>